Hummingbad Explained

HummingBad is Android malware, discovered by Check Point in February 2016.[1]

In July 2016, researchers from security firm Check Point Software said the malware installs more than 50,000 fraudulent apps each day, displays 20 million malicious advertisements, and generates more than $300,000 per month in revenue.[2] [3] The research pointed out the Yingmob group, previously accused of being responsible for the Yispecter iOS malware, as responsible for the attack.[4]

Lookout claimed the HummingBad malware was also a part of the Shedun family, however, these claims were refuted.[5] [6]

The most infected region was Asia which included China, India, Philippines, Indonesia and Turkey as the top countries.[7]

Notes and References

  1. Web site: HummingBad: A Persistent Mobile Chain Attack. 4 February 2016. checkpoint.com. 9 October 2016.
  2. Web site: 10 million Android phones infected by all-powerful auto-rooting apps. 2016-07-07. Ars Technica. Dan Goodin - Jul 7, 2016 5:50 pm UTC. 2016-10-02.
  3. Web site: From HummingBad to Worse: New In-Depth Details and Analysis of the HummingBad Android Malware Campaign. 2016-07-01. Check Point Blog. 2016-10-09.
  4. News: YiSpecter: First iOS Malware That Attacks Non-jailbroken Apple iOS Devices by Abusing Private APIs - Palo Alto Networks Blog. 2015-10-04. Palo Alto Networks Blog. en-US. 2016-10-09.
  5. Web site: Another month, another new rooting malware family for Android. elevenpaths.com. 9 October 2016.
  6. Web site: DIY Attribution, Classification, and In-depth Analysis of Mobile Malware. 11 July 2016. checkpoint.com. 9 October 2016.
  7. Web site: Goodin . Dan . 10 million Android phones infected by all-powerful auto-rooting apps . Ars Technica . en-us . 7 July 2016.